<= [[plugin:authPDO]] ====== Joomla ====== Configuration for [[plugin:authPDO]] plugin to login to DokuWiki with existing Joomla username & password. ---- NOTICE: There is a plugin [[plugin:authjoomla3]] which basically does the same, employing AuthPDO functionality and getting settings automatically from Joomla installation. However, for security reasons setting AuthPDO can be better, because unlike authjoomla3 it doesn't access Joomla directory. So we can limit the PHP access of web sites to each other, with open_basedir. For example, using NGINX: location ~ \.php$ { try_files $uri $uri/ /doku.php; fastcgi_pass unix:/run/php-fpm/php-fpm.sock; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PHP_VALUE open_basedir="/usr/share/nginx/www/dokuwiki/:/tmp/"; include fastcgi_params; } So DokuWiki site would have access only to its folder (and temp folder or whatever you set there), but not to Joomla files. Also, the DokuWiki user for the database can have very limited rights too — just to read users tables information. ---- ===== Scenario ===== The intention is to permit the users registered on Joomla site to make edits in the Wiki, using the same credentials. This does not give a 'single sign-on' experience, just enables a user to have the same username, password etc. on both Joomla and Dokuwiki installations. Works on PHP 7 + MySQL + Joomla 3.9. ===== Wiki Configuration ===== Just in case, backup conf/local.php In the AuthPDO section, configure the following: | plugin>authpdo>debug | Checkbox - enable this for testing, otherwise disable | | plugin>authpdo>dsn | ''%%mysql:host=localhost;dbname=;charset=utf8mb4%%'' | |(<- That is, if the charset in Joomla DB is utf8mb4; otherwise just utf8). || | plugin>authpdo>user | | | plugin>authpdo>pass | | | plugin>authpdo>select-user | ''%%SELECT `username` AS user, `password` AS `hash`, `email` AS mail, `name`, `id` AS uid from `#__users` WHERE (`username`= :user AND `block`=0);%%'' | |(1. Replace "#_" in the table name with the actual prefix used in that DB, e.g. it could be //jos_users//.\\ 2. `block`=0 means do not authenticate blocked users, such as spammers).|| | plugin>authpdo>select-user-groups | ''%%SELECT `title` AS `group` FROM `#__user_usergroup_map` AS m, `d0_usergroups` AS g WHERE m.`group_id` = g.`id` AND m.`user_id` = :uid;%%'' | |(Replace "#_" in the table name with actual prefix of that DB, e.g. it could be //jos_users//.|| In the Authentication section: | authtype | authpdo | | passcrypt | bcrypt | | superuser | | | disableactions | register | And if you like to replace default DokuWiki groups with group structure from Joomla: | defaultgroup | Registered | | superuser | @Super Users | In ACL settings, assign to group ''@Registered'' the same rights as ''@user''. It's posible to add settings for typical Joomla groups "Author", "Manager" etc., according to your particular needs.